Module1 Flashcards
What are the benefits of Security?
• Protects against external and internal threats
• Meets regulatory compliance (laws & guidelines)
• Maintains and improves business productivity
• Reduces expenses associated with risk
• Maintains brand trust
What is a “Threat Actor”?
Any person or group who presents a security risk.
What is Cybersecurity?
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorised access or criminal exploitation.
What do security analysts do?
Security analysts are responsible for monitoring and protecting information and systems.
What is “compliance”?
The process of adhering to internal standards and external regulations.
What are “Security Frameworks”?
Guidelines used for building plans to help mitigate risks and threats to data and privacy
What are “Security Controls”?
Safeguards designed to reduce specific security risks. Used within security frameworks to establish a strong security posture.
What is “Security Posture”?
An organisation’s ability to manage its defence of critical assets and data and react to change.
NOTE: Strong security posture = lower risk for the organization.
What is “Network Security “?
The practice of keeping an organisation’s network infrastructure secure from unauthorised access.
What is “Cloud Security”?
The process of ensuring that assets stored in the cloud are properly configured or set up correctly and access to those assets is limited to authorised users.
What is “The Cloud”?
A network made up of a collection of servers or computers that store resources and data in remote physical locations (data centres) that can be accessed via the Internet.
What is an external threat?
Someone outside of an organisation trying to gain access to private networks, information, or devices.
What is an internal threat?
Current or former employees, trusted partners, or external vendors.
What are the responsibilities of a Security Analyst?
• Protecting computer and network systems
• Installing prevention software
• Conducting periodic security audits
What does SIEM stand for?
Security Information & Event Management